When strncmp() on powerpc is given a length of zero, it detects this and
returns early to make the comparison loop simpler. When it does this, however,
it fails to set a return value, and thus returns the address of the first
string as the number of the character match. It should return 0 instead in
this case.

This can be tested by compiling and attempting to load the following module:

	#include <linux/init.h>
	#include <linux/module.h>

	char string1[1], string2[1];
	/* Zero length, held in a global so it is not a compile-time constant */
	size_t count_global = 0;

	static int __init strncmp_init(void)
	{
		string1[0] = string2[0] = 0;
		/* A zero-length compare must return 0 */
		if (strncmp(string1, string2, count_global)) {
			printk("Strncmp Bug!\n");
			return -EIO;
		}
		/* Fail the init on purpose so the module is not retained */
		return -ENOANO;
	}

	module_init(strncmp_init);
	MODULE_LICENSE("GPL");
	MODULE_DESCRIPTION("Probe strncmp() bug");

It should return error "No anode" on success and "I/O error" on failure. The
module will not be retained.
Signed-off-by: David Howells <dhowells@redhat.com>
---
arch/powerpc/lib/string.S | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
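
The following userspace C model is an added example, not part of the patch or of the kernel source. It illustrates why the early exit described above returns the address of the first string: on powerpc, r3 carries both the first argument and the return value. The function names, the `fixed` flag and the use of `long` for the result (so the pointer value is not truncated) are assumptions of the model.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Model only: r3 stands for the powerpc register that holds the first
 * argument on entry and the return value on exit. */
static long model_strncmp(const char *s1, const char *s2, size_t n, int fixed)
{
    long r3 = (long)(intptr_t)s1;      /* r3 on entry: address of s1 */

    if (n == 0) {
        if (fixed)
            r3 = 0;                    /* fixed path: set the result first */
        return r3;                     /* unfixed path: r3 is still the pointer */
    }
    do {
        unsigned char a = (unsigned char)*s1++;
        unsigned char b = (unsigned char)*s2++;
        r3 = (long)a - (long)b;        /* byte difference becomes the result */
        if (r3 != 0 || a == 0)
            break;
    } while (--n);
    return r3;
}

static long buggy_strncmp(const char *a, const char *b, size_t n)
{
    return model_strncmp(a, b, n, 0);
}

static long fixed_strncmp(const char *a, const char *b, size_t n)
{
    return model_strncmp(a, b, n, 1);
}

/* Regression check: a zero-length compare must yield 0 whatever the inputs. */
static int zero_length_ok(long (*cmp)(const char *, const char *, size_t))
{
    static const char s1[] = "abc", s2[] = "xyz";   /* constructed inputs */
    return cmp(s1, s2, 0) == 0 && cmp(s1, s1, 0) == 0;
}

int main(void)
{
    printf("buggy model passes: %d\n", zero_length_ok(buggy_strncmp));
    printf("fixed model passes: %d\n", zero_length_ok(fixed_strncmp));
    return zero_length_ok(fixed_strncmp) ? 0 : 1;
}
```

Callers that treat any non-zero result as "strings differ" see a mismatch from the unfixed path, which is what the probe module above detects.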